CWE:
 

Topic
Date
Author
Med.
Medical Clinic Website Script SQL Injection
20.01.2017
Ihsan Sencan
Med.
OpenExpert 0.5.17 SQL Injection
19.01.2017
Nassim Asrir
Med.
iTechScripts Payment Gateway Script 8.46 SQL Injection
19.01.2017
Hasan Emre Ozer
Med.
iTechScripts Video Sharing Script 4.93 Cross Site Scripting / SQL Injection
19.01.2017
Hasan Emre Ozer
Med.
Courier Management System Cross Site Scripting / SQL Injection
19.01.2017
Sibusiso Sishi
Med.
B2B Script 4.27 SQL Injection
19.01.2017
Dawid Morawski
Med.
Flippa Website Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Buy And Sell Market Place Software SQL Injection
19.01.2017
Ihsan Sencan
Med.
Fileserve Clone Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Auction Website Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Online Printing Business Clone Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Wetransfer Clone Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Business Directory Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Clone Of Oddee Script 1.1.3 SQL Injection
19.01.2017
Ihsan Sencan
Med.
Online Tshirt Design Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Manufacturer Website Design Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
NGO Directory Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Justdial Clone Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
My Private Tutor Website Builder Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Micro Blog Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Online Mobile Recharge Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Dentist Website Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Study Abroad Education Website Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Finance Website Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
NGO Website Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Questions And Answers Script 1.1.3 SQL Injection
19.01.2017
Ihsan Sencan
Med.
Yoga And Fitness Website Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Shiksha Education Website Script SQL Injection
19.01.2017
Ihsan Sencan
Med.
Business Networking Script 8.11 Cross Site Scripting / SQL Injection
17.01.2017
Ahmet Gurel
Med.
Million Pixels 3 SQL Injection
17.01.2017
Adeghsan Aencan
Med.
Arabinfotech SQL INJECTION
16.01.2017
Mohammad Babaee
Med.
IMAGO MEDIA CMS SQL INJECTION
16.01.2017
K33P-S1L3NT
Med.
Haraj v2 Script SQL injection Vulnerability
16.01.2017
xBADGIRL21
Med.
Wordpress cmw-speakers Plugin SQL injection Vulnerability
14.01.2017
xBADGIRL21
Med.
Online Food Delivery 2.04 SQL Injection
14.01.2017
Dawid Morawski
Med.
Job Portal Script 9.11 SQL Injection
14.01.2017
Dawid Morawski
Med.
iTechscripts Freelancer Script 5.11 SQL Injection
14.01.2017
v3n0m
Med.
School Management Software 2.75 SQL Injection
14.01.2017
Adeghsan Aencan
Med.
Movie Portal Script 7.35 SQL Injection
12.01.2017
Ihsan Sencan
Med.
Travel Portal Script 9.33 SQL Injection
12.01.2017
Ihsan Sencan
Med.
Larice Club Sqli Vulnerability
11.01.2017
TunaDurnal
Med.
PT Kabelindo Murni Tbk Sqli Vulnerability
11.01.2017
TunaDurnal
Med.
NIGHT GALLERY Sqli Vulnerability
11.01.2017
TunaDurnal
Med.
Make Or Break 1.7 SQL Injection
11.01.2017
v3n0m
Med.
Starting Page 1.3 SQL Injection
11.01.2017
JaMbA
Med.
My PHP Dating 2.0 SQL Injection
10.01.2017
Ihsan Sencan
Med.
My Link Trader 1.1 SQL Injection
10.01.2017
Ihsan Sencan
Med.
My Click Counter 1.0 SQL Injection
04.01.2017
AnarchyAngel
Med.
Apycom Menus Admin Page Bypass
03.01.2017
RicoDiaZ
Med.
HZLWEB SQLi Vulnerability
01.01.2017
RicoDiaZ
Med.
Dell SonicWALL Global Management System GMS 8.1 Blind SQL Injection
31.12.2016
Gjoko 'LiquidWorm' Krs...
Med.
Joomla! Blog Calendar SQL Injection
30.12.2016
X-Cisadane
Med.
Joomla aWeb Cart Watching System For Virtuemart 2.6.0 SQL Injection
30.12.2016
Javi Espejo
Med.
WordPress Simply Poll 1.4.1 SQL Injection
29.12.2016
TAD GROUP
Med.
Joomla Blog Calendar SQL Injection
27.12.2016
X-Cisadane
Med.
Webworx Design Group SQL Injection Vulnerabilites
21.12.2016
Ashiyane Digital Secur...
Med.
Webworx Design Group Blind SQLi Vulnerabilites
21.12.2016
Ashiyane Digital Secur...
Med.
Joomla RPL 8.9.2 SQL Injection
20.12.2016
xBADGIRL21
Med.
Solution By : Jaya Shri Combine Sql injection
20.12.2016
Gravedigger
Med.
WordPress Support Plus Responsive Ticket System 7.1.3 SQL Injection
20.12.2016
Lenon Leite
Med.
WordPress 404 1.0 SQL Injection
20.12.2016
Deloitte
Med.
WordPress Private Messages 1.0.1 SQL Injection
20.12.2016
Lenon Leite
Med.
East of Western Mobile Scripts SQLi
18.12.2016
fl3xpl0it
Med.
Joomla com_rpl SQL injection Vulnerability
17.12.2016
xBADGIRL21
Med.
Escuelasdefutbolchile Sqli & Admin Page Bypass
17.12.2016
Hack&Security TR
Med.
VMPanel 2.7.4 - SQL Injection Web Vulnerability
15.12.2016
ZwX
Med.
Joomla extension DT Register SQL injection
13.12.2016
Elar Lang
Med.
Smart Guard Network Manager 6.3.2 SQL Injection
13.12.2016
Rahul Raz
Med.
WordPress Single Personal Message 1.0.3 SQL Injection
06.12.2016
Lenon Leite
Med.
Ausführliche TV-Tipps SQLi Vulnerability
03.12.2016
TheCenahmet
Med.
Quanto Soluções & Sistemas SQL injection Vulnerability
03.12.2016
TheCenahmet
Med.
Creation et Promouvoir de votre site web SQL injection Vulnerability
03.12.2016
TheCenahmet
Med.
Luis Bernardo SQL injection Vulnerability
01.12.2016
TheCenahmet
Med.
internetburo SQL injection Vulnerability
01.12.2016
TheCenahmet
Med.
Designed by WEBRIDGES SQL injection
30.11.2016
Azerbaycanli Hacker
Med.
WordPress Olimometer 2.56 SQL Injection
29.11.2016
TAD GROUP
Med.
ChatNow 1.1 - SQL Injection Web Vulnerability
28.11.2016
ZwX
Med.
desh universal CMS SQL Injection
28.11.2016
Mr.voltage
Med.
Explore It SQL injection Vulnerability
28.11.2016
Mr.voltage
Med.
Real Design SQL injection
28.11.2016
Cyber Hack Team
Med.
Created by Brandon & HAKOBYANS SQL Injection
26.11.2016
Azerbaycanli Hacker
Med.
Rayan Information Technology SQL injection Vulnerability
22.11.2016
VAHiDZOOM
Med.
Red Jasmin 1.0 SQL Injection
22.11.2016
behrouz mansoori
Med.
Post Indexer 3.0.6.1 SQL Injection
19.11.2016
Glyn Wintle
Med.
Relevanssi Premium 1.14.4 SQL Injection
19.11.2016
Glyn Wintle
Med.
Lepton 2.2.2 Stable SQL Injection
19.11.2016
Tim Coen
Med.
WordPress Answer My Question 1.3 SQL Injection
18.11.2016
Lenon Leite
Med.
WordPress Sirv 1.3.1 SQL Injection
18.11.2016
Lenon Leite
Med.
DCFM Blog 0.9.7 Blind SQL Injection
18.11.2016
N_A
Med.
Website By CrossComm SQL Injection
17.11.2016
Team Special Agen
Med.
Resaneh Pardaz Pars SQL injection Vulnerability
16.11.2016
VAHiDZOOM
Med.
phpWebAdmin 1.0 SQL Injection
15.11.2016
N_A
Med.
Adservices Inc Script SQL Injections
13.11.2016
fl3xpl0it
Med.
CMS pejvakco SQL Injection
13.11.2016
Bl4ck M4n
Med.
Maraid Design Blind Sql Injection
13.11.2016
Cyber Hack Team
Med.
vBulletin 4.2.3 SQL Injection
12.11.2016
error1046
Med.
OCOMON Sql Injection Via POST
12.11.2016
Jonatas Fil, jonatasfi...
Med.
4images 1.7.13 SQL Injection
11.11.2016
Ahmed sultan
Med.
Orange Dice Solutions CMS SQL Injection
09.11.2016
Azerbaijan Cyber Army
Med.
Schoolhos CMS 2.29 SQL Injection
08.11.2016
Vulnerability Lab


CVEMAP Search Results

CVE
Details
Description
2015-02-20
Medium
CVE-2015-1517

Vendor: Piwigo
Software: Piwigo
 

 
SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.

 
2015-02-17
Medium
CVE-2015-1616

Vendor: Mcafee
Software: Data loss pr...
 

 
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.

 
2015-02-16
Medium
CVE-2015-1434

Vendor: Mylittleforum
Software: My little forum
 

 
Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category parameter to index.php.

 
2015-02-12
Medium
CVE-2015-1471

Vendor: Pragyan cms project
Software: Pragyan cms
 

 
SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.

 
2015-02-11
Medium
CVE-2015-1576

Vendor: YUBA
Software: U5cms
 

 
Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5admin/editor.php; (8) typ parameter to u5admin/meta2.php; or (9) newname parameter to u5admin/rename2.php.

 
2015-02-06
Medium
CVE-2015-1442

Vendor: AAS9
Software: Zerocms
 

 
SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a Modify Account action. NOTE: The article_id parameter to zero_view_article.php vector is already covered by CVE-2014-4034.

 
Medium
CVE-2015-1467

Vendor: Fork-cms
Software: Fork cms
 

 
Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index.

 
Medium
CVE-2015-1513

Vendor: Siphon
Software: Siphone ente...
 

 
SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username.

 
Medium
CVE-2015-1514

Vendor: Fancyfon
Software: Famoc
 

 
Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the order parameter to index.php.

 
2015-02-04
Medium
CVE-2014-7864

Vendor: Zohocorp
Software: Manageengine...
 

 
Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 through 11.5 build 11400 and IT360 10.5 and earlier allow remote attackers and remote authenticated users to execute arbitrary SQL commands via the (1) customerName or (2) serverRole parameter in a standbyUpdateInCentral operation to servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.

 

 


Copyright 2017, cxsecurity.com